Repository: metron Updated Branches: refs/heads/master 71a015fab -> 4116b9907
METRON-1565 Metaalerts fix denormalization after moving to active status (merrimanr) closes apache/metron#1017 Project: http://git-wip-us.apache.org/repos/asf/metron/repo Commit: http://git-wip-us.apache.org/repos/asf/metron/commit/4116b990 Tree: http://git-wip-us.apache.org/repos/asf/metron/tree/4116b990 Diff: http://git-wip-us.apache.org/repos/asf/metron/diff/4116b990 Branch: refs/heads/master Commit: 4116b99070849ffefd3b9b00ed7f4df2078594e7 Parents: 71a015f Author: merrimanr <[email protected]> Authored: Mon May 21 08:23:36 2018 -0500 Committer: merrimanr <[email protected]> Committed: Mon May 21 08:23:36 2018 -0500 ---------------------------------------------------------------------- .../dao/ElasticsearchMetaAlertDao.java | 7 ++- .../ElasticsearchMetaAlertIntegrationTest.java | 53 +++++++++++++++++++- 2 files changed, 57 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/metron/blob/4116b990/metron-platform/metron-elasticsearch/src/main/java/org/apache/metron/elasticsearch/dao/ElasticsearchMetaAlertDao.java ---------------------------------------------------------------------- diff --git a/metron-platform/metron-elasticsearch/src/main/java/org/apache/metron/elasticsearch/dao/ElasticsearchMetaAlertDao.java b/metron-platform/metron-elasticsearch/src/main/java/org/apache/metron/elasticsearch/dao/ElasticsearchMetaAlertDao.java index 2311a2b..2c42b08 100644 --- a/metron-platform/metron-elasticsearch/src/main/java/org/apache/metron/elasticsearch/dao/ElasticsearchMetaAlertDao.java +++ b/metron-platform/metron-elasticsearch/src/main/java/org/apache/metron/elasticsearch/dao/ElasticsearchMetaAlertDao.java @@ -349,7 +349,6 @@ public class ElasticsearchMetaAlertDao implements MetaAlertDao { boolean metaAlertUpdated = !status.getStatusString().equals(currentStatus); if (metaAlertUpdated) { metaAlert.getDocument().put(MetaAlertDao.STATUS_FIELD, status.getStatusString()); - updates.put(metaAlert, Optional.of(index)); List<GetRequest> getRequests = new ArrayList<>(); List<Map<String, Object>> currentAlerts = (List<Map<String, Object>>) metaAlert.getDocument() .get(MetaAlertDao.ALERT_FIELD); @@ -357,6 +356,7 @@ public class ElasticsearchMetaAlertDao implements MetaAlertDao { getRequests.add(new GetRequest((String) currentAlert.get(GUID), (String) currentAlert.get(SOURCE_TYPE))); }); Iterable<Document> alerts = indexDao.getAllLatest(getRequests); + List<Map<String, Object>> updatedAlerts = new ArrayList<>(); for (Document alert : alerts) { boolean metaAlertAdded = false; boolean metaAlertRemoved = false; @@ -371,7 +371,12 @@ public class ElasticsearchMetaAlertDao implements MetaAlertDao { if (metaAlertAdded || metaAlertRemoved) { updates.put(alert, Optional.empty()); } + updatedAlerts.add(alert.getDocument()); + } + if (MetaAlertStatus.ACTIVE.equals(status)) { + metaAlert.getDocument().put(MetaAlertDao.ALERT_FIELD, updatedAlerts); } + updates.put(metaAlert, Optional.of(index)); } if (metaAlertUpdated) { indexDaoUpdate(updates); http://git-wip-us.apache.org/repos/asf/metron/blob/4116b990/metron-platform/metron-elasticsearch/src/test/java/org/apache/metron/elasticsearch/integration/ElasticsearchMetaAlertIntegrationTest.java ---------------------------------------------------------------------- diff --git a/metron-platform/metron-elasticsearch/src/test/java/org/apache/metron/elasticsearch/integration/ElasticsearchMetaAlertIntegrationTest.java b/metron-platform/metron-elasticsearch/src/test/java/org/apache/metron/elasticsearch/integration/ElasticsearchMetaAlertIntegrationTest.java index 9e74fb6..6c78883 100644 --- a/metron-platform/metron-elasticsearch/src/test/java/org/apache/metron/elasticsearch/integration/ElasticsearchMetaAlertIntegrationTest.java +++ b/metron-platform/metron-elasticsearch/src/test/java/org/apache/metron/elasticsearch/integration/ElasticsearchMetaAlertIntegrationTest.java @@ -608,7 +608,7 @@ public class ElasticsearchMetaAlertIntegrationTest { } { - // Verify status changed to active and child alerts are updated + // Verify status changed to active and metaalerts fields on child alerts are updated Assert.assertTrue(metaDao.updateMetaAlertStatus("meta_alert", MetaAlertStatus.ACTIVE)); Map<String, Object> expectedMetaAlert = new HashMap<>(metaAlert); @@ -649,6 +649,37 @@ public class ElasticsearchMetaAlertIntegrationTest { } } } + + { + // Verify status changed to active and meta alert child alerts are refreshed + Assert.assertTrue(metaDao.updateMetaAlertStatus("meta_alert", MetaAlertStatus.INACTIVE)); + + Map<String, Object> expectedMetaAlert = new HashMap<>(metaAlert); + expectedMetaAlert.put(STATUS_FIELD, MetaAlertStatus.INACTIVE.getStatusString()); + + findUpdatedDoc(expectedMetaAlert, "meta_alert", METAALERT_TYPE); + + { + // Update a child alert by adding a field + Document alert0 = esDao.getLatest("message_0", SENSOR_NAME); + alert0.getDocument().put("field", "value"); + esDao.update(alert0, Optional.empty()); + + findUpdatedDoc(alert0.getDocument(), "message_0", SENSOR_NAME); + + // Change the status to active + Assert.assertTrue(metaDao.updateMetaAlertStatus("meta_alert", MetaAlertStatus.ACTIVE)); + + // Expect the first child alert to also contain the update + expectedMetaAlert.put(STATUS_FIELD, MetaAlertStatus.ACTIVE.getStatusString()); + List<Map<String, Object>> expectedAlerts = (List<Map<String, Object>>) expectedMetaAlert.get(ALERT_FIELD); + expectedAlerts.get(0).put("field", "value"); + + // Verify the metaalert child alerts were refreshed and the new field is present + findUpdatedDoc(expectedMetaAlert, "meta_alert", METAALERT_TYPE); + } + + } } @Test @@ -1043,13 +1074,31 @@ public class ElasticsearchMetaAlertIntegrationTest { throws InterruptedException, IOException, OriginalNotFoundException { for (int t = 0; t < MAX_RETRIES; ++t, Thread.sleep(SLEEP_MS)) { Document doc = metaDao.getLatest(guid, sensorType); - if (doc != null && message0.equals(doc.getDocument())) { + if (doc != null && compareDocs(message0, doc.getDocument())) { return; } } throw new OriginalNotFoundException("Count not find " + guid + " after " + MAX_RETRIES + " tries"); } + private boolean compareDocs(Map<String, Object> expected, Map<String, Object> actual) { + if (expected.size() != actual.size()) { + return false; + } + for(String key: expected.keySet()) { + if (ALERT_FIELD.equals(key)) { + List<Map<String, Object>> expectedAlerts = (List<Map<String, Object>>) expected.get(MetaAlertDao.ALERT_FIELD); + ArrayList<Map<String, Object>> actualAlerts = (ArrayList<Map<String, Object>>) actual.get(MetaAlertDao.ALERT_FIELD); + if (!expectedAlerts.containsAll(actualAlerts) || !actualAlerts.containsAll(expectedAlerts)) { + return false; + } + } else if (!expected.get(key).equals(actual.get(key))){ + return false; + } + } + return true; + } + protected boolean findCreatedDoc(String guid, String sensorType) throws InterruptedException, IOException, OriginalNotFoundException { for (int t = 0; t < MAX_RETRIES; ++t, Thread.sleep(SLEEP_MS)) {
